Privacy Policy

Introduction

In the course of OsteoStrong Australia’s business in Australia, there may be circumstances where OsteoStrong Australia collects personal information and the OsteoStrong Australia Privacy Policy has been developed to ensure that such information is handled appropriately.

OsteoStrong Australia is committed to complying with the Privacy Act 1988 in relation to all personal information it collects. This commitment is demonstrated in this Policy. The Privacy Act incorporates the Australian Privacy Principles, and personal information held by OsteoStrong Australia will be treated in accordance with those Principles.

This Policy sets out the broad controls which OsteoStrong Australia has adopted to govern the way it collects and uses personal information, the circumstances in which it might disclose personal information to third parties, how persons can access their personal information held by OsteoStrong Australia and what they can do if they are unhappy with OsteoStrong Australia’s treatment of their personal information.

We may make changes to this Privacy Policy from time to time without notice, via the uploading of an updated version of the Privacy Policy on osteostrong.com.au.

Who is OsteoStrong Australia?

In this Policy, “OsteoStrong Australia” refers to The Trustee for OsteoStrong Australia Trust (ABN 56 922 827 045)

Who does the OsteoStrong Australia Privacy Policy apply to?

This Policy applies to any individuals in respect of whom OsteoStrong Australia currently holds, or may in the future collect, personal information.

What information does the OsteoStrong Australia Privacy Policy apply to?

This Policy applies to personal information. “Personal information” is information or an opinion about an identified individual or an individual who is reasonably identifiable, whether true or not, and whether recorded in a material form or not.

In this Policy there are also references to “sensitive information”. “Sensitive information” is information or an opinion about a person’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, or health, genetic or biometric information. Sensitive information is a subset of personal information.

What information is not personal information?

Information where OsteoStrong Australia has removed any reference to a person, so that the person cannot be reasonably identifiable from the information, is not personal information.

OsteoStrong Australia may use this information for its own purposes and commercial gain. For example, the fact that x users aged 30-35 have accessed a OsteoStrong Australia website is not personal information.

How and when does OsteoStrong Australia collect personal information?

OsteoStrong Australia collects personal information in a variety of ways in the course of conducting its businesses, including:

  • Providing goods and services and related information to customers, and administering customer accounts;
  • Engaging suppliers, contractors and other personnel;
  • Responding to questions regarding our products and our business;
  • Interacting with people via our websites;
  • Social Media engagement;
  • Mail subscription via Social Media and Website engagement;
  • Conducting trade promotions and competitions; and
  • Security video surveillance at OsteoStrong Australia sites.

The kinds of personal information collected and held by OsteoStrong Australia include (depending on the circumstances) names, addresses and other contact details, details about a person’s work experience and other qualifications, date of birth, driver’s licence details, bank account details, photographs and video footage.

Where reasonable and practicable, OsteoStrong Australia will collect personal information directly from the person and inform the person that this is being done.

However in some circumstances, it is necessary for OsteoStrong Australia to collect personal information through third party service providers or agents (e.g. OsteoStrong Australia customer information received from operators of OsteoStrong Australia service stations), from a source of publicly available information (e.g. a telephone book) or from an employer (e.g. where a contractor provides personal information about its staff).

At or soon after the time when OsteoStrong Australia collects personal information, OsteoStrong Australia will take reasonable steps to ensure that the person is aware of which OsteoStrong Australia company has undertaken the collection, the purpose(s) of the collection, the main consequences (if any) if the information is not collected, the types of organisation (if any) to which the information may be disclosed (including those located overseas), any law that required the particular information to be collected, and the fact that this Privacy Policy contains details on access, correction and complaints.

Personal information collected by OsteoStrong Australia is held in a variety of formats, including hard copy format and on OsteoStrong Australia’s computer systems.

If OsteoStrong Australia receives personal information that OsteoStrong Australia has not requested (unsolicited information) and OsteoStrong Australia determines that OsteoStrong Australia could not have collected that information under the Australian Privacy Principles if OsteoStrong Australia had requested it, then OsteoStrong Australia will destroy or de-identify the information if it is lawful and reasonable to do so.

Where practicable, you may deal with OsteoStrong Australia anonymously or by pseudonym.

Collection of sensitive information

OsteoStrong Australia will not collect sensitive information unless the person to whom it relates consents to the collection and the information is reasonably necessary for one or more of OsteoStrong Australia’s functions or activities, except where the collection is required or authorised by law, is necessary to prevent or lessen a serious and imminent threat to the person’s (or another person’s) life or health or is necessary in relation to legal proceedings (current, anticipated or potential), or another permitted exception in the Privacy Act applies.

How does OsteoStrong Australia use personal information?

The use to which we can put personal information depends on the reason for which it was collected.

OsteoStrong Australia may use personal information for its primary purpose of collection (e.g. the delivery of goods to the person) or for any related secondary purpose that we could reasonably be expected to use the personal information for.

In certain circumstances, OsteoStrong Australia may use personal information for promotional or direct marketing purposes. However, a person may at any time request OsteoStrong Australia not to use their personal information for sending direct marketing material to that person. Such a request can be made by contacting OsteoStrong Australia either in writing, by email or by telephone at the contact details below. There is no fee for making such a request.

Disclosure of personal information

OsteoStrong Australia respects the privacy of personal information and we will take reasonable steps to keep it strictly confidential.

OsteoStrong Australia will disclose personal information to third parties if it is necessary for the primary purpose of collecting the information, or for a related secondary purpose, if the disclosure could be reasonably expected (e.g. disclosure to a delivery contractor for the purpose of delivering goods ordered from OsteoStrong Australia). Where such a disclosure is necessary, OsteoStrong Australia will require that the third party undertake to treat the personal information in accordance with the Australian Privacy Principles.

Otherwise, OsteoStrong Australia will only disclose personal information to third parties without the consent of the person to whom it relates if the disclosure is:

(a) necessary to protect or enforce OsteoStrong Australia’s legal rights or interests or to defend any claims;

(b) necessary to prevent or lessen a serious threat to a person’s health or safety;

(c) required or authorised by law; or

(d) permitted by another exception in the Privacy Act.

Under no circumstances will OsteoStrong Australia sell personal information without the consent of the person to whom it relates.

An individual OsteoStrong Australia company may disclose personal information to a related OsteoStrong Australia company in Australia or overseas, subject to the provisions of the Privacy Act. In such circumstances, the related company will only use the personal information for the same purposes that the disclosing OsteoStrong Australia company is authorised to use the personal information for.

In accordance with the principles set out in this Policy, as part of its normal operations OsteoStrong Australia transfers personal information to OsteoStrong Australia companies and third parties located in a range of countries in which OsteoStrong Australia or its contractors operate.  The main countries to which OsteoStrong Australia transfers personal information include the United Stated of America.

Information Security

OsteoStrong Australia will take all reasonable steps to ensure that all personal information held by OsteoStrong Australia is secure from any unauthorised access or disclosure. However, OsteoStrong Australia does not guarantee that personal information cannot be accessed by an unauthorised person (e.g. a hacker) or that unauthorised disclosures will not occur.

OsteoStrong Australia will take reasonable steps to destroy or permanently de-identify personal information if it is no longer needed for the purposes for which OsteoStrong Australia is authorised to use it.

Accessing personal information

A person may request to access personal information about them held by OsteoStrong Australia. Such a request must be made in writing to the address below.

OsteoStrong Australia will grant a person access to their personal information as soon as possible, subject to the circumstances of the request.

A request to access personal information will be rejected if:

  • The request is frivolous or vexatious;
  • Providing access would have an unreasonable impact on the privacy of another person;
  • Providing access would pose a serious and imminent threat to the life or health of any person;
  • Providing access would prejudice OsteoStrong Australia’s legal rights; or
  • There are other legal grounds to deny the request.

OsteoStrong Australia may charge a fee for reasonable costs incurred in giving access to an individual’s personal information. The fee (if any) will be disclosed prior to it being levied.

Correcting personal information

OsteoStrong Australia will take reasonable steps to ensure the accuracy and completeness of the personal information we hold. However, if a person believes that any personal information that we hold about them is inaccurate or out of date, then they should contact OsteoStrong Australia in writing at the address below.

Complaints

If a person wishes to complain about a breach by OsteoStrong Australia of the OsteoStrong Australia Privacy Policy, the Australian Privacy Principles, the Credit Reporting Privacy Code or a registered APP Code which binds OsteoStrong Australia (if any), a complaint may be lodged in writing by post or by email to the address set out in “Contact OsteoStrong Australia” below.

OsteoStrong Australia deals with complaints via our internal data privacy complaint process, under which a OsteoStrong Australia contact officer will be allocated to assess your complaint and respond to you within a reasonable timeframe. OsteoStrong Australia takes all complaints seriously and any further action after our initial response to you will vary depending on the nature of your complaint.

Additional information regarding Credit Information

This Privacy Policy also applies in relation to OsteoStrong Australia’s collection and use of credit information of individuals, in connection with commercial credit provided by OsteoStrong Australia.

The types of credit information that OsteoStrong Australia collects and uses for the purpose of assessing an application for commercial credit and administering a commercial account include:

  • names, addresses and other contact details of accountholders and guarantors (both prospective and current);
  • bank account details;
  • driver’s licence details;
  • financial information;
  • information on the assets held by an individual.

Such information is collected from the relevant individual and from credit reporting bodies, as well as from publicly available information.  OsteoStrong Australia uses the information collected to create an internal credit assessment report.

OsteoStrong Australia does not disclose credit information to credit reporting bodies, except for an individual’s identity in order to obtain a credit report from the credit reporting body.

Cookies policy

We use the term “cookies” to refer to cookies and other similar technologies covered by the EU Directive on privacy in electronic communications.

What is a cookie?

Cookies are small data files that your browser places on your computer or device.  Cookies help your browser navigate a website and the cookies themselves cannot collect any information stored on your computer or your files.

When a server uses a web browser to read cookies they can help a website deliver a more user-friendly service. To protect your privacy, your browser only gives a website access to the cookies it has already sent to you.

Why do we use cookies?

We use cookies to learn more about the way you interact with our content and help us to improve your experience when visiting our website.
Cookies remember the type of browser you use and which additional browser software you have installed. They also remember your preferences, such as language and region, which remain as your default settings when you revisit the website. Cookies also allow you to rate pages and fill in comment forms.

Some of the cookies we use are session cookies and only last until you close your browser, others are persistent cookies which are stored on your computer for longer.  For further details on the various types of cookies that we use, please read our cookie policy.

How are third party cookies used?

For some of the functions within our websites we use third party suppliers, for example, when you visit a page with videos embedded from or links to YouTube. These videos or links (and any other content from third party suppliers) may contain third party cookies and you may wish to consult the policies of these third party websites for information regarding their use of cookies. For further details on the third party cookies that we use, please click read our page on cookie types.

How do I reject and delete cookies?

We will not use cookies to collect personally identifiable information about you. However, should you wish to do so, you can choose to reject or block the cookies set by OsteoStrong Australia or the websites of any third party suppliers by changing your browser settings – see the Help function within your browser for further details.

Please note that most browsers automatically accept cookies so if you do not wish cookies to be used you may need to actively delete or block the cookies.

You can also visit www.allaboutcookies.org for details on how to delete or reject cookies and for further information on cookies generally. For information on the use of cookies in mobile phone browsers and for details on how to reject or delete such cookies, please refer to your handset manual.

Note, however, that if you reject the use of cookies you will still be able to visit our websites but some of the functions may not work correctly.

Contact OsteoStrong Australia

If there are any questions regarding the OsteoStrong Australia Privacy Policy or the way that OsteoStrong Australia manages personal information or if there are any concerns about OsteoStrong Australia’s treatment of personal information, then OsteoStrong Australia may be contacted by post, telephone or email:

OsteoStrong Australia Privacy Officer
4 Keppler Circuit, Seaford,
Victoria, Australia, 3198

Telephone: +61 03 9770 3000

%d bloggers like this: